Application Security Analyst

Toyota North America•Plano, TX

About The Position

Toyota Financial Services (TFS) Technology team is looking for a highly motivated person to fill a role as a Application Security Analyst. Your responsibilities will be to ensure the security of company software applications, web services, and APIs. You will work closely with development teams to identify vulnerabilities, suggest remediation efforts, and integrate security controls into the DevOps pipeline. The role involves ensuring the security and integrity of our products and third-party software, providing guidance on security risks.

Requirements

Typically, 3-6 years of experience in application security, with significant hands-on experience using SAST/SCA/DAST tools and methodologies.
Proven expertise in testing complex web applications, APIs, and mobile applications for security vulnerabilities.
Strong understanding of application security standards (e.g., OWASP Top Ten, SANS CWE Top 25).
Familiarity with programming languages and frameworks commonly used in web and mobile applications, including Java, Python, Bash/Shell Scripting, PHP, Javascript, etc.
Strong understanding of CI/CD tools (e.g., Jenkins, Harness, GHA).
Familiarity with containerization and orchestration (Docker, Kubernetes).
Knowledge of cloud platforms (AWS, Azure, GCP) and their security features.
Knowledge of Infrastructure as Code (Terraform, Ansible).

Nice To Haves

Strong analytical and problem-solving skills.
Excellent communication and collaboration abilities.
Ability to work in a fast-paced, agile environment.
Ability to lead security testing initiatives and mentor junior security engineers.

Responsibilities

Collaborate with developers to "shift left"—integrating security early in the software development life cycle (SDLC)
Integrate security tools like SAST, DAST, and SCA into development processes.
Review code for security vulnerabilities and provide guidance to developers on remediation and secure coding practices.
Prepare detailed vulnerability reports and dashboards for leadership, prioritizing risks based on business impact.
Stay updated on emerging threats and vulnerabilities relevant to application security.
Provide guidance and training on interpreting reports and strategies for remediation.

Benefits

A work environment built on teamwork, flexibility, and respect.
Professional growth and development programs to help advance your career, including tuition reimbursement.
Team Member Vehicle Purchase Discount.
Toyota Team Member Lease Vehicle Program (if applicable).
Comprehensive health care and wellness plans for your entire family.
Toyota 401(k) Savings Plan with a company match, plus an annual retirement contribution from Toyota regardless of your own contributions.
Paid holidays and paid time off.
Referral services for prenatal services, adoption, childcare, schools, and more.
Tax advantaged Accounts (Health Savings Account, Health Care FSA, Dependent Care FSA).
Relocation assistance (if applicable).